import time

from fastapi import FastAPI, Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from pydantic import BaseModel
from starlette.middleware.cors import CORSMiddleware

app = FastAPI()

# 配置CORS
app.add_middleware(
    CORSMiddleware,
    allow_origins=["*"],  # 允许所有源，生产环境应该指定具体域名
    allow_credentials=True,
    allow_methods=["*"],  # 允许所有方法
    allow_headers=["*"],  # 允许所有头
)

# 模拟用户数据库
fake_users_db = {
    "johndoe": {
        "username": "johndoe",
        "password": "secret",  # 实际中应该存储哈希值
        "disabled": False,
    }
}


class User(BaseModel):
    username: str
    disabled: bool = False


class Token(BaseModel):
    access_token: str
    token_type: str


class LoginRequest(BaseModel):
    username: str
    password: str
    grant_type: str = "password"
    scope: str = ""
    client_id: str = "string"
    client_secret: str = "string"


@app.post("/auth/login")
async def login_json(login_data: LoginRequest):
    # 这里处理登录逻辑
    time.sleep(4)
    if login_data.username != "admin" or login_data.password != "admin":
        raise HTTPException(status_code=400, detail="用户名或密码错误")

    return {
        "access_token": "fake-super-secret-token",
        "token_type": "bearer"
    }
